packages/lib/server-only/user/reset-password.ts

import { compare, hash } from 'bcrypt';

import { prisma } from '@documenso/prisma';

import { SALT_ROUNDS } from '../../constants/auth';
import { sendResetPassword } from '../auth/send-reset-password';

export type ResetPasswordOptions = {
  token: string;
  password: string;
};

export const resetPassword = async ({ token, password }: ResetPasswordOptions) => {
  if (!token) {
    throw new Error('Invalid token provided. Please try again.');
  }

  const foundToken = await prisma.passwordResetToken.findFirst({
    where: {
      token,
    },
    include: {
      User: true,
    },
  });

  if (!foundToken) {
    throw new Error('Invalid token provided. Please try again.');
  }

  const now = new Date();

  if (now > foundToken.expiry) {
    throw new Error('Token has expired. Please try again.');
  }

  const isSamePassword = await compare(password, foundToken.User.password || '');

  if (isSamePassword) {
    throw new Error('Your new password cannot be the same as your old password.');
  }

  const hashedPassword = await hash(password, SALT_ROUNDS);

  await prisma.$transaction([
    prisma.user.update({
      where: {
        id: foundToken.userId,
      },
      data: {
        password: hashedPassword,
      },
    }),
    prisma.passwordResetToken.deleteMany({
      where: {
        userId: foundToken.userId,
      },
    }),
  ]);

  await sendResetPassword({ userId: foundToken.userId });
};
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`import { compare, hash } from 'bcrypt';`

			`import { prisma } from '@documenso/prisma';`

			`import { SALT_ROUNDS } from '../../constants/auth';`
feat: send email to user on successful password reset 2023-09-18 14:31:04 +00:00			`import { sendResetPassword } from '../auth/send-reset-password';`
feat: add reset functionality 2023-09-18 14:03:33 +00:00
			`export type ResetPasswordOptions = {`
			`token: string;`
			`password: string;`
			`};`

			`export const resetPassword = async ({ token, password }: ResetPasswordOptions) => {`
			`if (!token) {`
feat: better error handling and better toast messages 2023-09-18 15:09:41 +00:00			`throw new Error('Invalid token provided. Please try again.');`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`}`

fix: add layout and minor updates 2023-09-19 13:34:54 +00:00			`const foundToken = await prisma.passwordResetToken.findFirst({`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`where: {`
			`token,`
			`},`
			`include: {`
			`User: true,`
			`},`
			`});`

			`if (!foundToken) {`
feat: better error handling and better toast messages 2023-09-18 15:09:41 +00:00			`throw new Error('Invalid token provided. Please try again.');`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`}`

			`const now = new Date();`

			`if (now > foundToken.expiry) {`
feat: better error handling and better toast messages 2023-09-18 15:09:41 +00:00			`throw new Error('Token has expired. Please try again.');`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`}`

fix: add layout and minor updates 2023-09-19 13:34:54 +00:00			`const isSamePassword = await compare(password, foundToken.User.password \|\| '');`
feat: add reset functionality 2023-09-18 14:03:33 +00:00
			`if (isSamePassword) {`
			`throw new Error('Your new password cannot be the same as your old password.');`
			`}`

			`const hashedPassword = await hash(password, SALT_ROUNDS);`

fix: add layout and minor updates 2023-09-19 13:34:54 +00:00			`await prisma.$transaction([`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`prisma.user.update({`
			`where: {`
			`id: foundToken.userId,`
			`},`
			`data: {`
			`password: hashedPassword,`
			`},`
			`}),`
			`prisma.passwordResetToken.deleteMany({`
			`where: {`
			`userId: foundToken.userId,`
			`},`
			`}),`
			`]);`

feat: send email to user on successful password reset 2023-09-18 14:31:04 +00:00			`await sendResetPassword({ userId: foundToken.userId });`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`};`